3.55.4. HostAttrDef Previous topic Parent topic Child topic Next topic

This optional parameter specifies which parameters to get from an LDAP record and how they are to be used to set the parameters of the Radiator Host clause for proxying. Format is
HostAttrDef ldapattrname,hostparamname
where ldapattrname is the name of the LDAP attribute to fetch and hostparamname is the name of the Radiator Host clause parameter it will be used to set. For more information about the available hostparamname, see Section 3.43. <Host xxxxxx> within <AuthBy RADIUS>. If hostparamname is ‘failurePolicy’ it will be used to specify how AuthBy LDAPRADIUS will reply to the originating NAS if no reply is heard from any remote server for this request. The following values are supported:
  • 0 ACCEPT
  • 1 REJECT
  • 2 IGNORE
  • 3 CHALLENGE
  • 4 REJECT_IMMEDIATE
The default behaviour if no reply is heard from any remote server is to not reply to the NAS. This will usually cause the NAS to re-send the request to its secondary RADIUS server.
In HostAttrDef, the ldapattrname may contain special characters, and %0 is replaced by hostCounter, an integer which starts at 1 and increases by one each time a search is made for a given request. You can use that mechanism to fetch different LDAP attributes for the primary, secondary etc. RADIUS servers.
If no HostAttrDef lines are specified, defaults to the equivalent of the following, which is compatible the sample OpenLDAP schema in goodies/radiator-ldap.schema. Note that not all LDAP parameters are required to be present. The minimum set required are Host and Secret. Host can be an IPv4 or IPv6 address.
HostAttrDef oscRadiusHost,Host
HostAttrDef oscRadiusSecret,Secret
HostAttrDef oscRadiusAuthPort,AuthPort
HostAttrDef oscRadiusAcctPort,AcctPort
HostAttrDef oscRadiusRetries,Retries
HostAttrDef oscRadiusRetryTimeout,RetryTimeout
HostAttrDef oscRadiusUseOldAscendPasswords,UseOldAscendPasswords
HostAttrDef oscRadiusServerHasBrokenPortNumbers,ServerHasBrokenPortNumbers
HostAttrDef oscRadiusServerHasBrokenAddresses,ServerHasBrokenAddresses
HostAttrDef oscRadiusIgnoreReplySignature,IgnoreReplySignature
HostAttrDef oscRadiusFailurePolicy,failurePolicy